U.S. needs a cyber plan

Mar. 31, 2014 - 06:00AM
|

Timothy Sample Battelle (Rick Kozak / Federal Times)

ADVERTISEMENT

Recently, during the annual hearing on the nation’s most significant security threats, James Clapper, director of national intelligence, testified before the Senate Select Committee on Intelligence that “[s]everal critical governmental, commercial and societal changes are converging that will threaten a safe and secure online environment.”

What is clear from that testimony and recent events is that the country is teetering on a precipice. Our need for national security to exceed technical advances, our interdependence on the Internet and the economic boon of Big Data cannot be unwound.

As a nation, we are grappling with the questions of how far is too far with surveillance and how do we define the right balance among protection of personal liberties, market participation, government oversight and protection of our freedoms.

The threats we face — economically and militarily — are nontraditional, asymmetrical and not necessarily obvious. The “what if” scenarios of science fiction, from taking down critical infrastructure to controlling mass media and creating widespread panic through disinformation, are imaginable and possible.

Hacking, cyberterrorism and espionage do not respect borders and are never neatly wrapped up into well-defined packages. We may not always know exactly who means to do the U.S. harm, but we could still find ourselves trying to triage a situation and secure our economic assets and protect our nation’s health. From a military standpoint, we have only minutes and seconds to take countermeasures. The same can be said of securing our economic and financial systems, but they are less structured to respond.

To move forward, President Barack Obama must convene experts from government, business, academia and also privacy proponents and direct them toward an outcome, a desired goal. That goal is clear: Define, establish and adopt a national-level doctrine for the cyber era, an overarching set of principles on the roles of American business and government in working toward national security goals.

(Page 2 of 2)

Such a doctrine should articulate the expectations that each of us, as citizens, have in terms of our government and, yes, our freedoms.

As important, such a doctrine would define the government’s expectations of its citizens to help protect our country in this cyber era, when any node on a network, including your personal computer, could be compromised by those who would do us harm.

Done correctly, implementation of a new national-level doctrine could bring the nation together in focus and action.

In 2012, I convened a panel of experts from private industry, academia, military intelligence and government to define the issues we face in the new world of cyberwarfare and changing definitions of both security and privacy. The approximately 30 members defined a framework for developing the doctrine. The major points agreed upon by these experts are:

■The U.S. views the Internet as a critical component of its national security and wishes to enforce a secure, peaceful cyberspace.

■In doing so, the U.S. will take the lead internationally in cooperation with, but not subject to, other nations’ desires.

■The U.S. government, in cooperation with the private sector and individuals, will work to pursue reasonable rules for safe use and development of cyberspace.

■The U.S. will use all offensive and defensive means to protect its citizens and interests in cyberspace.

■The U.S. government will work in cooperation with its academic and corporate actors and citizens to establish a firm understanding of citizenship in the cyber age.

We urge the president to take a bold move and push this debate ahead to establish a doctrine that leads the U.S. in the cyber era.■